c21bbc2242173bd89a93fd89586b40aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c21bbc2242173bd89a93fd89586b40aa_JaffaCakes118
Size

483KB
MD5

c21bbc2242173bd89a93fd89586b40aa
SHA1

1971768e09f2dbacd3100a36c301d5f05d061aee
SHA256

0a03225d9444a093786d157f591ad6997a5070f0fdeb2cfb0373d203e50ed03b
SHA512

4c31f7878e9193b5a36e2779127627a2a82cc1a894152ad2c0efa9569791841089bd27ef5654e311b38da7f0d4e51c0c1e148d3a9a5b2664ec8f3190d0481659
SSDEEP

12288:rZ3ow4JSjf3POJT2JaQ3eLPsKFga06vSYzHdv:rOCfWJTfQ3Ws09vxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c21bbc2242173bd89a93fd89586b40aa_JaffaCakes118

Files

c21bbc2242173bd89a93fd89586b40aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e95762e63cd1b72b159ce9df2209204

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

TlsAlloc
OpenMutexA
GetStartupInfoA
HeapDestroy
CompareStringW
TlsGetValue
ReadFile
HeapFree
UnhandledExceptionFilter
GetEnvironmentStrings
HeapCreate
HeapSize
GetProcAddress
OpenEventW
GetSystemTimeAsFileTime
SetEnvironmentVariableA
InitializeCriticalSection
SetHandleCount
GetCPInfo
QueryPerformanceCounter
EnterCriticalSection
HeapReAlloc
InterlockedDecrement
MultiByteToWideChar
GlobalSize
GetVersion
ReadConsoleOutputAttribute
SetLastError
TerminateProcess
InterlockedIncrement
GetCurrentProcess
WriteFile
HeapAlloc
EnumCalendarInfoA
LeaveCriticalSection
IsBadWritePtr
VirtualQuery
GetCommandLineA
InterlockedExchange
CreateMutexA
RtlUnwind
GetEnvironmentStringsW
GetStdHandle
TlsFree
FreeEnvironmentStringsW
VirtualFree
GetTimeZoneInformation
GetMailslotInfo
FreeEnvironmentStringsA
GetModuleFileNameW
LCMapStringA
GetStringTypeA
SetFilePointer
GetTickCount
CreateWaitableTimerW
CompareStringA
GetModuleFileNameA
FlushFileBuffers
CloseHandle
GetCommandLineW
LockFileEx
GetStringTypeW
WideCharToMultiByte
GetOEMCP
SetStdHandle
GetSystemTime
GetModuleHandleA
DeleteCriticalSection
SetConsoleTextAttribute
GetLocalTime
GetLastError
FileTimeToLocalFileTime
GetCurrentThread
FindNextChangeNotification
GetPrivateProfileIntW
GetStartupInfoW
GetFileType
GetCurrentProcessId
LCMapStringW
VirtualAlloc
ExitProcess
LoadLibraryA
TlsSetValue
GetCurrentThreadId

user32

GetNextDlgGroupItem
SetWindowsHookA
SetActiveWindow
CallMsgFilterA
RegisterClassA
OpenWindowStationA
RegisterClassExA
RegisterClassW
TranslateAcceleratorA
EmptyClipboard
DdeConnect
DdeNameService
CopyAcceleratorTableW
SetWindowRgn
LoadStringW

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e95762e63cd1b72b159ce9df2209204

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 28KB - Virtual size: 43KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 28KB - Virtual size: 43KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 9KB - Virtual size: 8KB